Fix after merge from 3.23

Docs/manual.texi: Added section about LOAD DATA LOCAL libmysqld/lib_sql.cc: Remove not used option mysql-test/r/comments.result: Updated results sql/sql_parse.cc: Fix queries / second
2002-02-15 02:49:02 +02:00 · 2002-02-15 02:49:02 +02:00 · 93c1f96f7d
commit 93c1f96f7d
parent d44aef016c
6 changed files with 74 additions and 14 deletions
--- a/Docs/manual.texi
+++ b/Docs/manual.texi
@ -10065,6 +10065,14 @@ but as of January 25th, 2001, it's only available in the ``-current'' branch.
 The symptoms of this threading bug are: slow response, high load, high CPU
 usage, and crashes.
 If you get an error like @code{Error in accept:: Bad file descriptor} or
 error 9 when trying to open tables or directories, the problem is probably
 that you haven't allocated enough file descriptors for MySQL.
 In this case try starting @code{safe_mysqld} as root with the following
 options:
@code{--user=mysql --open-files-limit=2048}
@node BSDI, BSDI3, OpenBSD 2.8, BSD Notes
@subsubsection BSD/OS Version 2.x Notes
@ -14614,6 +14622,7 @@ system.  This section describes how it works.
 * General security::            General security
 * Security::                    How to make MySQL secure against crackers
 * Privileges options::          Startup Options for @code{mysqld} Concerning Security
 * LOAD DATA LOCAL::             
 * What Privileges::             What the privilege system does
 * Privileges::                  How the privilege system works
 * Privileges provided::         Privileges provided by MySQL
@ -14931,13 +14940,16 @@ can do this by setting the @code{max_user_connections} variable in
@end itemize
-
+@node Privileges options, LOAD DATA LOCAL, Security, Privilege system
@node Privileges options, What Privileges, Security, Privilege system
@subsection Startup Options for @code{mysqld} Concerning Security
 The following @code{mysqld} options affect security:
@table @code
@item --local-infile[=(0|1)]
 If one uses @code{--local-infile=0} then one can't use @code{LOAD DATA LOCAL
 INFILE}.
@item --safe-show-database
 With this option,
@code{SHOW DATABASES} returns only those databases for which the user has
@ -14979,8 +14991,50 @@ With this option, the
@end table
@node LOAD DATA LOCAL, What Privileges, Privileges options, Privilege system
@subsection Security issues with LOAD DATA LOCAL
-@node What Privileges, Privileges, Privileges options, Privilege system
+In MySQL 3.23.49 and MySQL 4.0.2 we added some new options to deal with
 possible security issues when it comes to @code{LOAD DATA LOCAL}.
 There are two possible problems with supporting this command:
 As the reading of the file is initiated from the server, one could
 theoretically create a patched MySQL server that could read any file one
 the client machine, for which the current user have read privilege, when
 the client issues a query against the table.
 In a web environment where the clients are connection from an web
 server, a user could use @code{LOAD DATA LOCAL} to read any files for
 which the web server process have read access to (assuming a user could
 run any command against the SQL server).
 There are two separte fixes for this:
 If one doesn't configure with @code{--enable-local-infile} then
@code{LOAD DATA LOCAL} will be disabled by all clients, unless one
 calls @code{mysql_options(... MYSQL_OPT_LOCAL_INFILE, 0)} in the client.
@xref{mysql_options, , @code{mysql_options}}.
 One can enable this command in the @code{mysql} command line client by
 specify the option @code{--local-infile[=1]} and disable it with
@code{--local-infile=0}.
 By default all MySQL clients and libraries are compiled with
@code{--enable-local-infile}, to be compatible with MySQL 3.23.48 and
 before.
 One can disable all @code{LOAD DATA LOCAL} commands in the MySQL server
 by starting @code{mysqld} with @code{--local-infile=0}.
 In the case of that @code{LOAD DATA INFILE} is disabled in the server or
 the client, you will get the error message (1148):
@example
 The used command is not allowed with this MySQL version
@end example
@node What Privileges, Privileges, LOAD DATA LOCAL, Privilege system
@subsection What the Privilege System Does
@cindex system, privilege
@ -33816,6 +33870,10 @@ Also, to use @code{LOAD DATA INFILE} on server files, you must have the
@strong{file} privilege on the server host.
@xref{Privileges provided}.
 In MySQL 3.23.49 and MySQL 4.0.2 @code{LOCAL} will only work if you have
 not started @code{mysqld} with @code{--local-infile=0} or if you
 have not enabled your client to support @code{LOCAL}. @xref{LOAD DATA LOCAL}.
 If you specify the keyword @code{LOW_PRIORITY}, execution of the
@code{LOAD DATA} statement is delayed until no other clients are reading
 from the table.
@ -42444,6 +42502,7 @@ Possible options values:
@item @strong{Option} @tab @strong{Argument type} @tab @strong{Function}
@item @code{MYSQL_OPT_CONNECT_TIMEOUT} @tab @code{unsigned int *} @tab Connect timeout in seconds.
@item @code{MYSQL_OPT_COMPRESS} @tab Not used @tab Use the compressed client/server protocol.
@item @code{MYSQL_OPT_LOCAL_INFILE} @tab optional pointer to uint @tab If no pointer is given or if pointer points to an @code{unsigned int != 0} the command @code{LOAD LOCAL INFILE} is enabled.
@item @code{MYSQL_OPT_NAMED_PIPE} @tab Not used @tab Use named pipes to connect to a MySQL server on NT.
@item @code{MYSQL_INIT_COMMAND} @tab @code{char *} @tab Command to execute when connecting to the MySQL server. Will automatically be re-executed when reconnecting.
@item @code{MYSQL_READ_DEFAULT_FILE} @tab @code{char *} @tab Read options from the named option file instead of from @file{my.cnf}.
@ -42461,9 +42520,11 @@ The specified group in the option file may contain the following options:
@item @code{compress} @tab Use the compressed client/server protocol.
@item @code{database} @tab Connect to this database if no database was specified in the connect command.
@item @code{debug} @tab Debug options.
@item @code{disable-local-infile} @tab Disable use of @code{LOAD DATA LOCAL}.
@item @code{host} @tab Default host name.
@item @code{init-command} @tab Command to execute when connecting to MySQL server. Will automatically be re-executed when reconnecting.
@item @code{interactive-timeout} @tab Same as specifying @code{CLIENT_INTERACTIVE} to @code{mysql_real_connect()}. @xref{mysql_real_connect}.
@item @code{local-infile[(=0|1)]} @tab If no argument or argument != 0 then enable use of @code{LOAD DATA LOCAL}.
@item @code{password} @tab Default password.
@item @code{pipe} @tab Use named pipes to connect to a MySQL server on NT.
@item @code{port} @tab Default port number.
@ -49510,7 +49571,7 @@ This ensures that one gets same values for date functions like @code{NOW()}
 when using @code{mysqlbinlog} to pipe the queries to another server.
@item
 Allow one to use @code{--skip-gemini}, @code{--skip-bdb} and
-@code{--skip-innobase} to @code{mysqld} even if these databases are not
+@code{--skip-innodb} to @code{mysqld} even if these databases are not
 compiled in @code{mysqld}.
@item
 One can now do @code{GROUP BY ... DESC}.
--- a/libmysqld/lib_sql.cc
+++ b/libmysqld/lib_sql.cc
@ -121,8 +121,6 @@ void start_embedded_conn1(NET * net)
  if (thd->max_join_size == HA_POS_ERROR)
    thd->options |= OPTION_BIG_SELECTS;
  if (thd->options & OPTION_ANSI_MODE)
    thd->client_capabilities|=CLIENT_IGNORE_SPACE;
  thd->proc_info=0;				// Remove 'login'
  thd->command=COM_SLEEP;
--- a/mysql-test/r/comments.result
+++ b/mysql-test/r/comments.result
@ -5,7 +5,7 @@ select 1 /* long
 multi line comment */;
 1
 1
-/* empty query */;
+;
 Query was empty
 select 1 /*!32301 +1 */;
 1 /*!32301 +1
@ -25,3 +25,4 @@ select 1 # The rest of the row will be ignored
 ;
 1
 1
 /* line with only comment */;
--- a/sql/sql_lex.cc
+++ b/sql/sql_lex.cc
@ -768,7 +768,7 @@ int yylex(void *arg)
      return(TEXT_STRING);
    case STATE_COMMENT:			//  Comment
-      lex->options|= OPTION_FOUND_COMMENT;
+      lex->select_lex.options|= OPTION_FOUND_COMMENT;
      while ((c = yyGet()) != '\n' && c) ;
      yyUnget();			// Safety against eof
      state = STATE_START;		// Try again
@ -780,7 +780,7 @@ int yylex(void *arg)
 	break;
      }
      yySkip();				// Skip '*'
-      lex->options|= OPTION_FOUND_COMMENT;
+      lex->select_lex.options|= OPTION_FOUND_COMMENT;
      if (yyPeek() == '!')		// MySQL command in comment
      {
 	ulong version=MYSQL_VERSION_ID;
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@ -141,12 +141,12 @@ static int get_or_create_user_conn(THD *thd, const char *user,
    /* First connection for user; Create a user connection object */
    if (!(uc= ((struct user_conn*)
 	       my_malloc(sizeof(struct user_conn) + temp_len+1,
-			 MYF(MY_WME)))
+			 MYF(MY_WME)))))
-      {
+    {
      send_error(&current_thd->net, 0, NullS);	// Out of memory
      return_val=1;
      goto end;
-    }     
+    }
    uc->user=(char*) (uc+1);
    memcpy(uc->user,temp_user,temp_len+1);
    uc->len = temp_len;
@ -382,7 +382,7 @@ static void reset_mqh(THD *thd, LEX_USER *lu, uint mq)
    {
      char user[USERNAME_LENGTH+1];
      char *where;
-      UC *uc=(struct user_conn *) hash_element(&hash_element, idx);
+      UC *uc=(struct user_conn *) hash_element(&hash_user_connections, idx);
      where=strchr(uc->user,'@');
      strmake(user,uc->user,where - uc->user);
      uc->max_questions=get_mqh(user,where+1);
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@ -598,7 +598,7 @@ query:
 	{
 	   THD *thd=current_thd;
 	   if (!thd->bootstrap &&
-	      (!(thd->lex.options & OPTION_FOUND_COMMENT)))
+	      (!(thd->lex.select_lex.options & OPTION_FOUND_COMMENT)))
 	   {
 	     send_error(&current_thd->net,ER_EMPTY_QUERY);
 	     YYABORT;